XoopsUser API Reference
Complete API documentation for the XOOPS user system.
User System Architecture
Section titled “User System Architecture”classDiagram class XoopsUser { +int uid +string uname +string email +string pass +int user_regdate +int level +getVar(name, format) +setVar(name, value) +isAdmin(mid) +isActive() +getGroups() +getUnameFromId(uid) }
class XoopsUserHandler { +create(isNew) +get(uid) +insert(user) +delete(user) +getObjects(criteria) +getCount(criteria) +getList(criteria) +getUsersByGroup(groupId) }
class XoopsGroup { +int groupid +string name +string description +getVar(name) +setVar(name, value) }
class XoopsGroupHandler { +create(isNew) +get(groupid) +insert(group) +delete(group) +getObjects(criteria) }
class XoopsMemberHandler { +getUser(uid) +getUsersByGroup(groupid) +getGroupsByUser(uid) +addUserToGroup(groupid, uid) +removeUserFromGroup(groupid, uid) +loginUser(uname, pass) }
XoopsUser --> XoopsUserHandler : managed by XoopsGroup --> XoopsGroupHandler : managed by XoopsUserHandler --> XoopsMemberHandler : uses XoopsGroupHandler --> XoopsMemberHandler : usesXoopsUser Class
Section titled “XoopsUser Class”Properties
Section titled “Properties”| Property | Type | Description |
|---|---|---|
uid | int | User ID (primary key) |
uname | string | Username |
name | string | Real name |
email | string | Email address |
pass | string | Password hash |
url | string | Website URL |
user_avatar | string | Avatar filename |
user_regdate | int | Registration timestamp |
user_from | string | Location |
user_sig | string | Signature |
user_occ | string | Occupation |
user_intrest | string | Interests |
bio | string | Biography |
posts | int | Post count |
rank | int | User rank |
level | int | User level (0=inactive, 1=active) |
theme | string | Preferred theme |
timezone | float | Timezone offset |
last_login | int | Last login timestamp |
Core Methods
Section titled “Core Methods”// Get current userglobal $xoopsUser;
// Check if logged inif (is_object($xoopsUser)) { // User is logged in $uid = $xoopsUser->getVar('uid'); $username = $xoopsUser->getVar('uname');}
// Get formatted values$uname = $xoopsUser->getVar('uname'); // Raw value$unameDisplay = $xoopsUser->getVar('uname', 's'); // Sanitized for display$unameEdit = $xoopsUser->getVar('uname', 'e'); // For form editing
// Check if admin$isAdmin = $xoopsUser->isAdmin(); // Site admin$isModuleAdmin = $xoopsUser->isAdmin($mid); // Module admin
// Get user groups$groups = $xoopsUser->getGroups(); // Array of group IDs
// Check if active$isActive = $xoopsUser->isActive();XoopsUserHandler
Section titled “XoopsUserHandler”User CRUD Operations
Section titled “User CRUD Operations”// Get handler$userHandler = xoops_getHandler('user');
// Create new user$user = $userHandler->create();$user->setVar('uname', 'newuser');$user->setVar('email', 'user@example.com');$user->setVar('pass', password_hash('password123', PASSWORD_DEFAULT));$user->setVar('user_regdate', time());$user->setVar('level', 1);
if ($userHandler->insert($user)) { $newUid = $user->getVar('uid');}
// Get user by ID$user = $userHandler->get(123);
// Update user$user->setVar('email', 'newemail@example.com');$userHandler->insert($user);
// Delete user$userHandler->delete($user);Query Users
Section titled “Query Users”// Get all active users$criteria = new Criteria('level', 1);$users = $userHandler->getObjects($criteria);
// Get users by criteria$criteria = new CriteriaCompo();$criteria->add(new Criteria('level', 1));$criteria->add(new Criteria('posts', 10, '>='));$criteria->setSort('posts');$criteria->setOrder('DESC');$criteria->setLimit(10);$activePosters = $userHandler->getObjects($criteria);
// Get user count$count = $userHandler->getCount($criteria);
// Get user list (uid => uname)$userList = $userHandler->getList($criteria);
// Search users$criteria = new CriteriaCompo();$criteria->add(new Criteria('uname', '%john%', 'LIKE'));$criteria->add(new Criteria('email', '%john%', 'LIKE'), 'OR');$searchResults = $userHandler->getObjects($criteria);XoopsMemberHandler
Section titled “XoopsMemberHandler”Group Management
Section titled “Group Management”$memberHandler = xoops_getHandler('member');
// Get user with groups$user = $memberHandler->getUser($uid);$groups = $memberHandler->getGroupsByUser($uid);
// Get users in group$users = $memberHandler->getUsersByGroup($groupId);$users = $memberHandler->getUsersByGroup($groupId, true); // Objects$users = $memberHandler->getUsersByGroup($groupId, false); // UIDs only
// Add user to group$memberHandler->addUserToGroup($groupId, $uid);
// Remove user from group$memberHandler->removeUserFromGroup($groupId, $uid);Authentication
Section titled “Authentication”// Login user$user = $memberHandler->loginUser($username, $password);
if ($user) { // Login successful $_SESSION['xoopsUserId'] = $user->getVar('uid'); $user->setVar('last_login', time()); $userHandler->insert($user);} else { // Login failed}
// Logout$_SESSION = [];session_destroy();redirect_header(XOOPS_URL, 3, 'Logged out');Authentication Flow
Section titled “Authentication Flow”sequenceDiagram participant User participant LoginForm participant MemberHandler participant Database participant Session
User->>LoginForm: Submit credentials LoginForm->>MemberHandler: loginUser(uname, pass) MemberHandler->>Database: Query user by uname Database-->>MemberHandler: User record
alt User Found MemberHandler->>MemberHandler: Verify password hash alt Password Valid MemberHandler->>MemberHandler: Check user level > 0 alt User Active MemberHandler-->>LoginForm: User object LoginForm->>Session: Store user ID LoginForm->>Database: Update last_login LoginForm-->>User: Redirect to success else User Inactive MemberHandler-->>LoginForm: null (account disabled) LoginForm-->>User: Error: Account disabled end else Password Invalid MemberHandler-->>LoginForm: null LoginForm-->>User: Error: Invalid credentials end else User Not Found MemberHandler-->>LoginForm: null LoginForm-->>User: Error: Invalid credentials endGroup System
Section titled “Group System”Default Groups
Section titled “Default Groups”| Group ID | Name | Description |
|---|---|---|
| 1 | Webmasters | Full administrative access |
| 2 | Registered Users | Standard registered users |
| 3 | Anonymous | Non-logged in visitors |
Group Permissions
Section titled “Group Permissions”graph TB subgraph "Permission Types" A[Module Access] --> E[XoopsGroupPermHandler] B[Block View] --> E C[Module Admin] --> E D[Item-Level] --> E end
subgraph "Permission Check" E --> F{Has Permission?} F -->|Yes| G[Allow Access] F -->|No| H[Deny Access] endCheck Permissions
Section titled “Check Permissions”$gpermHandler = xoops_getHandler('groupperm');
// Check module access$groups = is_object($xoopsUser) ? $xoopsUser->getGroups() : [XOOPS_GROUP_ANONYMOUS];$hasAccess = $gpermHandler->checkRight('module_read', $moduleId, $groups);
// Check module admin$isAdmin = $gpermHandler->checkRight('module_admin', $moduleId, $groups);
// Check custom permission$hasPermission = $gpermHandler->checkRight( 'item_view', // Permission name $itemId, // Item ID $groups, // Group IDs $moduleId // Module ID);
// Get items user can access$itemIds = $gpermHandler->getItemIds('item_view', $groups, $moduleId);User Registration Flow
Section titled “User Registration Flow”sequenceDiagram participant Visitor participant Form participant Validation participant UserHandler participant Email participant Database
Visitor->>Form: Fill registration form Form->>Validation: Validate input
alt Validation Failed Validation-->>Form: Errors Form-->>Visitor: Show errors else Validation Passed Validation->>UserHandler: Create user
alt Email Activation Required UserHandler->>Database: Save with level=0 UserHandler->>Email: Send activation email Email-->>Visitor: Check your email else Auto Activation UserHandler->>Database: Save with level=1 UserHandler-->>Visitor: Registration complete end endComplete Example
Section titled “Complete Example”<?phprequire_once __DIR__ . '/mainfile.php';
use Xmf\Request;
$memberHandler = xoops_getHandler('member');$userHandler = xoops_getHandler('user');
// Registration handlerif (Request::hasVar('register', 'POST')) { // Verify CSRF if (!$GLOBALS['xoopsSecurity']->check()) { redirect_header('register.php', 3, 'Security error'); }
$uname = Request::getString('uname', '', 'POST'); $email = Request::getEmail('email', '', 'POST'); $pass = Request::getString('pass', '', 'POST'); $passConfirm = Request::getString('pass_confirm', '', 'POST');
$errors = [];
// Validate username if (strlen($uname) < 3 || strlen($uname) > 25) { $errors[] = 'Username must be 3-25 characters'; }
// Check if username exists $criteria = new Criteria('uname', $uname); if ($userHandler->getCount($criteria) > 0) { $errors[] = 'Username already taken'; }
// Validate email if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $errors[] = 'Invalid email address'; }
// Check if email exists $criteria = new Criteria('email', $email); if ($userHandler->getCount($criteria) > 0) { $errors[] = 'Email already registered'; }
// Validate password if (strlen($pass) < 8) { $errors[] = 'Password must be at least 8 characters'; }
if ($pass !== $passConfirm) { $errors[] = 'Passwords do not match'; }
if (empty($errors)) { // Create user $user = $userHandler->create(); $user->setVar('uname', $uname); $user->setVar('email', $email); $user->setVar('pass', password_hash($pass, PASSWORD_DEFAULT)); $user->setVar('user_regdate', time()); $user->setVar('level', 1); // Auto-activate
if ($userHandler->insert($user)) { // Add to Registered Users group $memberHandler->addUserToGroup(XOOPS_GROUP_USERS, $user->getVar('uid'));
redirect_header('index.php', 3, 'Registration successful!'); } else { $errors[] = 'Error creating account'; } }}
// Display registration formrequire_once XOOPS_ROOT_PATH . '/header.php';
if (!empty($errors)) { foreach ($errors as $error) { echo "<div class='errorMsg'>$error</div>"; }}
// Registration form here...
require_once XOOPS_ROOT_PATH . '/footer.php';Related Documentation
Section titled “Related Documentation”- User Management Guide
- Permission System
- Authentication
#xoops #api #user #authentication #reference